LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

October 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS October 2005

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	A task that could be easier
From:	Cal Frye <[log in to unmask]>
Reply To:	Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date:	Mon, 17 Oct 2005 10:47:45 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (48 lines)

OK, I have a question that is either a feature request or a bug in my system.
Please forgive the long post, but I think I'm getting lost in the SNMP
discussion and want to make this clear...

I have a RIAA request to disable access for a particular IP address based on
copyright violation. Notwithstanding the legal issues involved, here's what I've
done so far:

I searched the online users for the IP address, found a userid, IP, MAC, OS
type, and date of authentication. A surprize, as often the guy I want isn't in
the online users list at the moment I happen to look, but this time it works.

Now I want to move him from the Authenticated Student role into my Copyright
Violators role. I can't do that from the Online Users list directly. I'd like to
check his scan report, so I go over to Clean Access, which knows nothing of this
user, neither in the Certified Devices list nor the Network Scanner Reports
list; searching for his userid returns nothing. That's very interesting!

Searching for his MAC address shows him using a different IP address and guest
access back in August. At least that report turns up a hostname that is
consistent with his first name; I think I have the same guy.

Checking the Clean Access Agent reports list (use is optional, still) turns up
nothing either on the IP address or userid.

Going to the CCA server in question and consulting the DHCP assignment list
confirms that MAC address renewed the IP assignment on Sunday; I still have my man.

Why isn't he in my Clean Access list as an authenticated user? His guest access
would have expired in 24 hours.

Finally, I go to Filters, where I enter all the data I have manually to create a
filter to put him in the role I want him in.

I don't particularly care whether this is done via the browser interface, or via
SNMP using client software (as long as it works on Mac and Linux in addition to
Windows) or voodoo, I just want some single place to accomplish this task: Given
an IP address, I want to be able to confirm the identity and change the assigned
user role. Why is this so hard?

-- 
--Cal Frye, Network Administrator, Oberlin College
   www.ouuf.org, www.calfrye.com
   Say Yes Twice for Oberlin Schools!   www.oberlinyesyes.com

  "The day after I was elected, I had my high school grades classified Top
Secret." --Ronald Reagan (b. 1911)

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU